I use the OpenConnect VPN on my Linux Mint. The VPN connects fine, but my system never got any DNS updates after the VPN connection. I always had to use an IP address to connect to any machine behind the VPN.
On a successful connection, OpenConnect updates your /etc/resolv.conf with new nameservers. However, that was not happening, and /etc/resolv.conf always had the following contents.
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
The VPN connection runs /etc/vpnc/vpnc-script to update /etc/resolv.conf. After debugging the script, I found that the script was not even attempting to update the resolv.conf file. Further analysis found that all the DNS requests on my system were being routed through dnsmasq.
The dnsmasq subsystem provides a local DNS server for the network, with forwarding of all query types to upstream recursive DNS servers and caching of common record types. You can confirm that your system is running dnsmasq by running the following command. Try executing this command when you have the VPN connection established.
$ netstat -anp | grep -i dnsmasq
If your system is running dnsmasq, then run the following command to get information about dnsmasq.
$ ps -ef | grep -i dnsmasq
Running the above command on my machine gave me the following output.
nobody 23360 961 0 10:33 ? 00:00:00 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid --listen-address=127.0.1.1 --conf-file=/var/run/NetworkManager/dnsmasq.conf --cache-size=0 --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d
Notice the --conf-dir=/etc/NetworkManager/dnsmasq.d in the above command output. This is the directory from which dnsmasq loads its configuration files. Now create a dnsmasq.conf file inside this directory and add the following entries to it.
# Add entry with .domain and nameserver for forwarding the dns requests for that domain
server=/.mydomain.com/10.1.1.11
server=/.my-domain.com/10.1.1.11
I could not figure out a way to reload the above config for dnsmasq. So I had to restart my machine. After the restart, I reconnected OpenConnect, and now DNS was resolving fine.
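The steps above can be scripted. The shell functions below are an added example, not part of the original post: they pull the --conf-dir value out of a dnsmasq command line and print validated server= entries for it. The function names and the shortened ps line are constructed for illustration; the domains and nameserver are the ones used above.

```shell
#!/bin/sh
# Added example, not from the original post. It only prints the drop-in for
# review and writes nothing under /etc.

# Constructed sample: shortened form of the dnsmasq line shown by `ps -ef`.
SAMPLE_PS='nobody 23360 961 0 10:33 ? 00:00:00 /usr/sbin/dnsmasq --no-resolv --listen-address=127.0.1.1 --conf-dir=/etc/NetworkManager/dnsmasq.d'

# Print the directory named by --conf-dir=... in a dnsmasq command line.
dnsmasq_conf_dir() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n 's/^--conf-dir=//p' | head -n 1
}

# Print one server=/domain/ip line per domain. `case` matches the whole
# string, so a value with an embedded newline cannot smuggle in extra
# dnsmasq directives.
split_dns_lines() {
    ns=$1
    shift
    case $ns in
        ''|*[!0-9.]*) echo "invalid nameserver: $ns" >&2; return 1 ;;
    esac
    printf '%s\n' "$ns" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || {
        echo "invalid nameserver: $ns" >&2
        return 1
    }
    for d in "$@"; do
        case $d in
            ''|*[!A-Za-z0-9.-]*) echo "invalid domain: $d" >&2; return 1 ;;
        esac
        printf 'server=/%s/%s\n' "$d" "$ns"
    done
}

# Print the target path as a comment, followed by the file contents.
render_drop_in() {
    dir=$(dnsmasq_conf_dir "$1")
    [ -n "$dir" ] || { echo "no --conf-dir in command line" >&2; return 1; }
    shift
    lines=$(split_dns_lines "$@") || return 1
    printf '# target: %s/dnsmasq.conf\n%s\n' "$dir" "$lines"
}

render_drop_in "$SAMPLE_PS" 10.1.1.11 .mydomain.com .my-domain.com
```

dnsmasq reads the files in its --conf-dir only when it starts, so the generated file takes effect the next time the dnsmasq process is started.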